b"                                                                      Office of Inspector General\n\n                                                                      U.S. Department of Homeland Security\n                                                                      Washington, DC 20528\n\n\n\n\nMEMORANDUM FOR: The Honorable Edmund S. Hawley\n                Assistant Secretary\n                Transportation Security Administration\n\n                          R. David Paulison\n                          Under Secretary\n                          Federal Emergency Management Agency\n\nFROM:                     Richard L. Skinner\n                          Inspector General\n\nSUBJECT:                  Audit of Transportation Security Administration\n                          Continuity of Operations Program\n\n\nAttached for your action is our report Audit of Transportation Security Administration Continuity of\nOperations Program. We have incorporated comments received from the Transportation Security\nAdministration (TSA) and the Federal Emergency Management Agency (FEMA) as Appendix B to\nthis report. The complete report has been designated \xe2\x80\x9cSensitive Security Information\xe2\x80\x9d because it\ncontains information that should not be disclosed to the public.\n\nThis report contains four recommendations, three to TSA and one to FEMA. TSA concurred with\ntheir three recommendations and has made significant progress in addressing our concerns. We\nconsider the recommendations resolved but will remain open until implementation is complete.\nWhile FEMA concurred with Recommendation #4, the agency did not tell us specifically what\nactions it intends to take in order to resolve the recommendation. Therefore, we consider the\nrecommendation unresolved and open. Please advise our office within 90 days of the date of this\nmemorandum of progress made in implementing your respective recommendations and the date by\nwhich each recommendation will be fully implemented.\n\nConsistent with our responsibility under the Inspector General Act, we are providing copies of our\nreports to appropriate congressional committees with oversight and appropriation responsibilities\nover DHS.\n\nShould you have any questions, please contact me, or your staff may contact David M. Zavada,\nAssistant Inspector General for Audits, at (202) 254-4100.\n\x0cDEPARTMENT OF HOMELAND SECURITY\n                Office of Inspector General\n\n      Transportation Security Administration\n        Continuity of Operations Program\n\n                                   (Redacted)\n\n\n\n\nThe Department of Homeland Security, Office of Inspector General, has redacted this report for public\nrelease. A review under the Freedom of Information Act will be conducted upon request.\n\n\n\n\n                              Office of Audits\n\nOIG-06-60                                                         August 2006\n\x0c                                                                                   Office of Inspector General\n\n                                                                                   U.S. Department of Homeland Security\n                                                                                   Washington, DC 20528\n\n\n\n\n                                      August 28, 2006\n\n\n                                      Preface\n\nThe Department of Homeland Security (DHS) Office of Inspector General (OIG) was established by\nthe Homeland Security Act of 2002 (Public Law 107-296) by amendment to the Inspector General\nAct of 1978. This is one of a series of audit, inspection, and special reports prepared as part of our\nDHS oversight responsibilities to promote economy, efficiency, and effectiveness within the\ndepartment.\n\nThis report assesses the strengths and weaknesses of the Transportation Security Administration\n(TSA) Continuity of Operations (COOP) Program and its ability to continue mission-essential\nfunctions during emergency situations. It is based on interviews with employees and officials of\nrelevant agencies and institutions, direct observations, and a review of applicable documents.\n\nThe recommendations herein have been developed to the best knowledge available to our office, and\nhave been discussed in draft with those responsible for implementation. It is our hope that this\nreport will result in more effective, efficient, and economical operations. We express our\nappreciation to all of those who contributed to the preparation of this report.\n\n\n\n\n                                      Richard L. Skinner\n                                      Inspector General\n\n\n\n\n                                   Audit of TSA Continuity of Operations Program\n\x0cTable of Contents/Abbreviations\n\n  Executive Summary ......................................................................................................................... 1\n\n  Background ...................................................................................................................................... 2\n\n  Results of Audit ............................................................................................................................... 5\n\n       TSA COOP Plan and Program Elements................................................................................... 7\n\n       TSA COOP Priority and Oversight.......................................................................................... 18\n         Recommendations.............................................................................................................. 20\n         Management Comments and OIG Analysis ...................................................................... 21\n\n       DHS COOP Oversight ............................................................................................................. 22\n         Recommendations.............................................................................................................. 24\n         Management Comments and OIG Analysis ...................................................................... 24\n\n\n  Appendices\n\n       Appendix A:              Purpose, Scope, and Methodology................................................................. 26\n       Appendix B:              Management Comments ................................................................................ 27\n       Appendix C:              Key Sources of Guidance for Federal COOP Planning ................................. 35\n       Appendix D:              Major Contributors to this Report.................................................................. 36\n       Appendix E:              Report Distribution ........................................................................................ 37\n\n\n\n\n                                                 Audit of TSA Continuity of Operations Program\n\x0cTable of Contents/Abbreviations\n\n  Abbreviations\n    AOF           Alternate Operating Facility\n    COOP          Continuity of Operations\n    DHS           Department of Homeland Security\n    FEMA          Federal Emergency Management Agency\n    FPC           Federal Preparedness Circular\n    GAO           Government Accountability Office\n    HQ            Headquarters\n    IT            Information Technology\n    OCIO          Office of Chief Information Officer\n    OIG           Office of Inspector General\n    OLE           Office of Law Enforcement\n    ONSC          Office of National Security Coordination\n    PDD           Presidential Decision Directive\n    TSA           Transportation Security Administration\n    TSOC          Transportation Security Operations Center\n    TT&E          Test, Training, and Exercise\n\n\n\n\n                              Audit of TSA Continuity of Operations Program\n\x0cOIG\nDepartment of Homeland Security\nOffice of Inspector General\n\nExecutive Summary\n                The Transportation Security Administration\xe2\x80\x99s (TSA\xe2\x80\x99s) ability to continue its\n                mission-essential functions during a variety of emergencies is at risk due to the\n                lack of a comprehensive and effective Continuity of Operations (COOP) plan\n                and program. The TSA Headquarters (HQ) COOP Plan and Program only\n                partially address the 11 required elements that define a viable COOP.\n                The TSA COOP plan provides only a minimal COOP capability because TSA\n                management has not adequately analyzed or approved the plan to ensure that\n                only essential functions and associated emergency staff are included; established\n                a viable alternate work site; adequately integrated field operations into its\n                planning; and taken steps to ensure that staff would have uninterrupted access to\n                critical applications and data to continue essential TSA operations. Without a\n                complete and viable COOP plan, TSA\xe2\x80\x99s ability to support, coordinate, and direct\n                intermodal transportation security during an emergency could be impaired or\n                fail. In addition, DHS, through its lead component on COOP matters -- the\n                Federal Emergency Management Agency (FEMA) -- has provided only limited\n                oversight of TSA COOP activities and has not assessed the extent to which\n                TSA, as well as other DHS components, are maintaining a COOP plan and\n                program that is current and contains all required information.\n                Accordingly, we are making recommendations to TSA and FEMA to take\n                appropriate steps to ensure that TSA implements a comprehensive and effective\n                COOP plan and program. TSA and FEMA concurred with our\n                recommendations. TSA noted progress made in the COOP program since the\n                end of our fieldwork. FEMA stated that the agency does not currently have the\n                authority to serve as a regulatory agent responsible for ensuring that agencies\n                have a viable COOP program in full compliance with Federal Preparedness\n                Circular FPC 65.\n\n\n\n\n                               Audit of TSA Continuity of Operations Program\n                                                  Page 1\n\x0c    Background\n                         Continuity of Operations (COOP) 1 planning is the means by which federal\n                         departments, agencies, and their subcomponents ensure that their mission-\n                         essential functions continue under all circumstances. As a baseline of\n                         preparedness for the full range of potential emergencies, all federal agencies are\n                         required to establish a viable COOP capability, which ensures the performance\n                         of their mission-essential functions during any emergency situation that may\n                         disrupt normal operations.\n\n                         While concerns about potential catastrophic attacks and other serious\n                         emergencies is the catalyst for much of COOP planning, COOP activation can\n                         also occur in response to routine building renovation or maintenance,\n                         mechanical failure of building systems, fire, inclement weather, or other acts of\n                         nature. 2 Federal COOP guidance considers the possibility that threats or attacks\n                         could render federal government operations unavailable for even the slightest\n                         period to be unacceptable, as essential functions must continue.\n\n                         COOP planning was initially developed during the Cold War to preserve the\n                         United States government in the event of a nuclear attack. The changing threat\n                         environment and potential for emergencies with minimal or no warning, such as\n                         acts of terror, accidents, technological emergency situations, and natural\n                         disasters, have increased the need for COOP capabilities and plans to enable\n                         agencies to continue their mission-essential functions across a broad range of\n                         potential emergencies. COOP planning is a good business practice and part of\n                         the fundamental mission of agencies as responsible and reliable public\n                         institutions.\n\n                         Federal Guidance on COOP\n\n                         According to FPC 65, 3 an agency\xe2\x80\x99s COOP capability must:\n\n                              \xe2\x80\xa2   Be capable of implementation both with and without warning;\n                              \xe2\x80\xa2   Be operational no later than 12 hours after activation;\n                              \xe2\x80\xa2   Be capable of maintaining sustained operations for up to 30 days;\n\n\n\n\n1\n  Federal Preparedness Circular (FPC) 65, Federal Executive Branch Continuity of Operations, defines the required\nelements for viable federal COOP plans.\n2\n  \xe2\x80\x9cContinuity of Operations in the Executive Branch: Background and Issues for Congress,\xe2\x80\x9d RL31857, Congressional\nResearch Service, November 8, 2004.\n3\n  Originally issued on July 26, 1999, FPC 65 was revised and reissued on June 15, 2004\n\n\n                                         Audit of TSA Continuity of Operations Program\n                                                            Page 2\n\x0c                    \xe2\x80\xa2      Include tests, training, and exercises for personnel, equipment, systems,\n                           processes, and procedures used to support the agency during a COOP\n                           event;\n                    \xe2\x80\xa2      Take maximum advantage of existing agency field infrastructures; and\n                    \xe2\x80\xa2      Include the development, maintenance, and annual review of agency\n                           COOP capabilities using a multi-year strategy and program management\n                           plan.\n\n                    As shown in Table 2, FPC 65 provides definitions and guidance for 11\n                    elements that agency COOP plans and programs must contain to maintain a\n                    viable COOP capability.\n\n\n                                 TABLE 2: COOP Elements As Defined By FPC 65\n             COOP Element                                          Description\n                                        Functions that enable the federal government to provide vital services, exercise\nMission-Essential Functions             civil authority, maintain the safety and well being of the general populace, and\n                                        sustain the industrial and economic base in an emergency situation.\n                                        Facilities used to carry out mission-essential functions in a COOP situation if the\nAlternate Operating Facilities (AOF)\n                                        agency\xe2\x80\x99s primary facility is unavailable.\n                                        Provisions for the assumption of senior agency offices during an emergency in\nOrders of Succession\n                                        the event that any of those officials are unavailable to execute their legal duties.\n                                        Predetermined statements that specify who is authorized to act on behalf of\nDelegations of Authority\n                                        agency leadership for specific purposes.\n                                        Capability to transfer statutory authority and responsibility for mission-essential\n                                        functions from an agency's primary operating staff and facilities to other\nDevolution\n                                        employees and facilities, and to sustain operational capability for an extended\n                                        period.\n                                        Electronic and hardcopy records needed to support mission-essential functions\nVital Records\n                                        during a COOP situation.\n                                        Alternate communications that provide the capability to perform essential\nInteroperable Communications\n                                        functions until normal operations can be resumed.\n                                        Measures to ensure that an agency's COOP program can implement the COOP\nTests, Training, and Exercises\n                                        plan and support mission-essential functions during an emergency situation.\n                                        Process by which an agency transitions from COOP implementation to\nReconstitution\n                                        resumption of normal operations.\n                                        Plans and actions to respond to threats that employees are most likely to face\nHuman Capital                           during COOP activation, such as dismissal procedures, agency guidelines for\n                                        communicating to employees, and staffing flexibilities, such as telework.\n                                        Plans and procedures to be developed and documented so that agency personnel\n                                        will know what to do in an emergency situation. Plans and procedures are\nPlans and Procedures                    required for the three phases of COOP implementation: activation and relocation;\n                                        AOF operations; and reconstitution.\n\n\n\n\n                                 Audit of TSA Continuity of Operations Program\n                                                    Page 3\n\x0c                         According to Executive Order 12656 (EO 12656), 4 FEMA shall coordinate and\n                         support the initiation, development, and implementation of national security\n                         emergency preparedness programs and plans among Federal departments and\n                         agencies; and provide the President a periodic assessment of Federal, State, and\n                         local capabilities to respond to national security emergencies. EO 13286\n                         transferred these responsibilities to the Secretary of Homeland Security. 5 In\n                         March 2004, DHS Delegation Number 9001 assigned the authorities to the\n                         Under Secretary for Emergency Preparedness and Response. Presidential\n                         Decision Directive (PDD) 67 establishes FEMA as the lead agency for federal\n                         Executive Branch COOP. The June 2004 revision of FPC 65 requires FEMA to\n                         \xe2\x80\x9coversee and assess the status of COOP capabilities\xe2\x80\x9d government-wide. A\n                         detailed discussion of the authorities and guidance for federal COOP planning\n                         can be found in Appendix C.\n\n                         Transportation Security Administration\n\n                         TSA was created in response to the terrorist attacks of September 11, 2001, as\n                         part of the Aviation and Transportation Security Act signed into law by\n                         President George W. Bush on November 19, 2001. TSA was established to\n                         protect the nation\xe2\x80\x99s transportation system \xe2\x80\x93 encompassing aircraft, ships, rail\n                         and motor vehicles, airports, seaports, trans-shipment facilities, roads, railways,\n                         bridges, and pipelines \xe2\x80\x93 from terrorist attacks and criminal activity. TSA,\n                         originally a part of the Department of Transportation, became part of DHS in\n                         March 2003.\n\n                         Within TSA, the Office of Emergency Preparedness, and, specifically, the\n                         Director of Emergency Preparedness and Continuity of Operations, 6 is\n                         responsible for the development and maintenance of the TSA COOP Plan and\n                         Program. The TSA COOP Program Manager and his staff are primarily\n                         responsible for the daily operation and execution of the TSA COOP program,\n                         with the assistance of a network of Office Emergency Coordinators located in\n                         TSA program offices. According to the TSA HQ COOP Plan, these\n                         coordinators are responsible for identifying office-level mission-essential\n                         functions that support the agency\xe2\x80\x99s overall essential functions and developing\n                         individual office COOP plans. Without a complete and viable COOP plan,\n                         TSA\xe2\x80\x99s ability to support, coordinate and direct intermodal transportation\n                         security during an emergency could be impaired or fail. TSA functions that are\n                         at risk include: the ability to gather, analyze and disseminate relevant\n                         transportation security and intelligence information; maintenance of the database\n\n4\n  Executive Order 12656, \xe2\x80\x9cAssignment of Emergency Preparedness Responsibilities,\xe2\x80\x9d November 11, 1988, Section 1701, as\namended.\n5\n  Executive Order 13286, \xe2\x80\x9cAmendment of Executive Orders, and Other Actions, in Connection With the Transfer of\nCertain Functions to the Secretary of Homeland Security,\xe2\x80\x9d February 28, 2003, Section 42.\n6\n  Referred to as the TSA COOP Program Manager.\n\n                                         Audit of TSA Continuity of Operations Program\n                                                            Page 4\n\x0c                         controlling air carriers cleared for the \xe2\x80\x9cno fly zone;\xe2\x80\x9d and operational and\n                         maintenance support of screening equipment and systems in airports.\n\n\n\n                         Prior Audits on Government COOP Programs\n\n                         Previous government-wide audits have noted substantial weaknesses in\n                         department and agency COOP plans, programs, and capabilities. In particular,\n                         the Government Accountability Office (GAO) released two reports that detailed\n                         weaknesses in compliance with FPC 65 requirements for COOP plans\n                         government-wide. In a 2004 report, 7 GAO said that the lack of compliance with\n                         FPC 65 requirements could be attributed, in part, to FEMA\xe2\x80\x99s limited oversight\n                         of government-wide COOP planning. GAO\xe2\x80\x99s 2005 follow-up report 8 noted\n                         continued lack of adequate FEMA oversight of COOP activities.\n\n\nResults of Audit\n\n        Overall Summary\n                         Since the agency was created in 2001, TSA designated a COOP Program\n                         Manager and staff, and developed a plan and program that has established a\n                         limited COOP capability. The agency has identified mission-essential functions,\n                         participated in government-wide and internal COOP exercises, and conducted\n                         periodic informational meetings to identify the agency\xe2\x80\x99s level of COOP\n                         preparedness. Despite limited resources and the lack of dedicated funding, TSA\n                         officials indicated they have maintained a level of COOP capability that would\n                         sustain the performance of agency mission-essential functions. This may be\n                         possible during minor disruptions, such as a power outage that occurred at TSA\n                         HQ during the Spring 2005, when TSA indicated that they were able to continue\n                         operations successfully during the 3-day period. However, our audit identified\n                         weaknesses that place at serious risk TSA\xe2\x80\x99s ability to continue operations during\n                         major emergencies requiring full scale COOP activation.\n\n\n\n\n7\n  \xe2\x80\x9cContinuity of Operations: Improved Planning Needed to Ensure Delivery of Essential Services,\xe2\x80\x9d GAO-04-160, February\n2004.\n8\n  \xe2\x80\x9cContinuity of Operations: Agency Plans Have Improved, but Better Oversight Could Assist Agencies in Preparing for\nEmergencies,\xe2\x80\x9d GAO-05-577, April 2005.\n\n                                         Audit of TSA Continuity of Operations Program\n                                                            Page 5\n\x0cTSA\xe2\x80\x99s ability to continue its                    Table 1: Overall Compliance with FPC 65 for TSA HQ\nmission-essential functions during a                             COOP Plan and Program\n                                                COOP Element                            Addressed\nrange of emergencies, particularly              Mission-essential Functions                  P\nunder catastrophic circumstances, is            Alternate Operating Facilities               P\n                                                Delegations of Authority                     P\nat risk due to the lack of a                    Orders of Succession                         P\ncomprehensive and effective COOP                Devolution Planning                         N\n                                                Vital Records                                P\nplan and program. As shown in                   Interoperable Communications                 P\nTable 1, the TSA Headquarters                   Test, Training, and Exercises                P\n                                                Reconstitution                               P\n(HQ) COOP Plan and Program do                   Human Capital                               N\nnot fully comply with FPC 65. The               Plans and Procedures                         P\n                                                Y = Element addressed\nTSA HQ COOP Plan and Program                    N = Element not addressed\nonly partially address the 11                   P = Element partially addressed\nrequired elements that define a\nviable COOP.\n\nTSA has developed a cumbersome COOP plan that would require more than 200\nagency personnel to conduct 138 mission-essential functions at two or more\ndifferent locations during the most extreme emergency situations. However, the\nplan provides only a minimal COOP capability because: TSA management has\nnot adequately analyzed and approved the plan to ensure that only essential\nfunctions and associated emergency staff are included in the plan; established a\nviable alternate work site; or ensured that staff would have uninterrupted access\nto critical applications and data to continue essential TSA operations. In\naddition, TSA program offices have not made COOP planning a priority and\nTSA management, until FY 2006, has provided only a fraction of requested\nCOOP funding.\n\nWithout a complete and viable COOP plan, TSA\xe2\x80\x99s ability to support, coordinate,\nand direct intermodal transportation security during an emergency could be\nimpaired or fail. TSA mission-essential functions that are at risk include: the\nability to gather, analyze, and disseminate relevant transportation security and\nintelligence information; maintenance of the database controlling air carriers\ncleared for the \xe2\x80\x9cno fly zone;\xe2\x80\x9d and operational and maintenance support for\nscreening equipment and systems in airports.\n\n\n\n\n             Audit of TSA Continuity of Operations Program\n                                Page 6\n\x0c           TSA COOP Plan and Program Elements\n\n                              Mission-Essential Functions\n\n                              FPC 65 requires agencies to identify, prioritize, and validate their organization\xe2\x80\x99s\n                              mission-essential functions as a basis for COOP planning, and identify staffing,\n                              resource requirements, and other supporting activities necessary to perform such\n                              functions. Resources required to perform mission-essential functions include,\n                              but are not limited to, trained personnel, equipment, and consumable office\n                              supplies. The proper identification and prioritization of these functions are\n                              critical for the creation of a viable continuity plan. If an agency identifies too\n                              many functions as essential, scarce resources may be allocated to sustain\n                              nonessential functions, impeding work on tasks that are truly essential.\n\n                              TSA management has not adequately reviewed, analyzed, prioritized and\n                              identified interdependencies or associated resources for the 138 mission-\n                              essential functions that form the basis of its COOP plan. TSA officials indicated\n                              that a review of mission-essential functions occurred in 2004, and found them to\n                              be inconsistent and in need of revision. In addition, TSA officials stated that a\n                              review of mission-essential functions was initiated in 2005, but never\n                              completed. TSA officials agreed that despite these limited reviews, there were\n                              some mission-essential functions in the plan that do not need to be continued\n                              under all circumstances. In addition, the plan does not prioritize mission-\n                              essential functions based on the criticality or time sensitivity of the functions\n                              according to likely COOP triggers and scenarios. The plan also does not\n                              identify interdependencies with other functions or organizations that must act in\n                              concert in order to successfully perform mission-essential functions. Gaps,\n                              inaccuracies and questionable or vague mission-essential functions in the TSA\n                              HQ COOP Plan are the result of a lack of careful analysis by TSA.\n\n                              Fifteen of the 41 program offices represented in the TSA HQ COOP Plan do not\n                              have mission-essential functions listed in the TSA HQ COOP Plan, yet are\n                              assigned space at the AOF. 9 Additionally, interviews with representatives from\n                              19 of the offices confirmed that TSA has not adequately analyzed and prioritized\n                              its mission-essential functions:\n\n                                   \xe2\x80\xa2   7 of the 19 program offices acknowledged that not all of their mission-\n                                       essential functions identified in the TSA HQ COOP Plan are, in fact,\n                                       essential and must be continued under all circumstances;\n                                   \xe2\x80\xa2   12 of the 19 program offices did not prioritize mission-essential\n                                       functions; and\n\n\n9\n    The AOF is the facility or facilities to be used in the event that an agency\xe2\x80\x99s primary facility is rendered unusable.\n\n                                               Audit of TSA Continuity of Operations Program\n                                                                  Page 7\n\x0c   \xe2\x80\xa2   18 of 19 program offices provided the OIG mission-essential functions\n       inconsistent with those listed in the TSA HQ COOP Plan.\n\nThe absence of careful management review raises questions about the validity of\nthe 138 mission-essential functions included in the TSA HQ COOP Plan. While\nmany of the mission-essential functions identified in the TSA HQ COOP Plan\nwere of clear importance, the TSA agreed with our observation that many of the\nfunctions may not be mission-essential during COOP emergencies. The\nfollowing are a few examples of the many mission-essential functions identified\nin the TSA HQ COOP Plan that are vague or questionable in terms of whether\nthey need to continue under all circumstances during a COOP emergency:\n\n   \xe2\x80\xa2   Facilitating paperwork for leadership,\n   \xe2\x80\xa2   Answering and investigating routine complaints,\n   \xe2\x80\xa2   Tracking training activities, and\n   \xe2\x80\xa2   Collecting customer, partner, and stakeholder feedback.\n\nAs a consequence of not properly identifying, prioritizing, and validating\nmission-essential functions, there may be mission-essential functions that are\noverlooked and not included in the TSA HQ COOP Plan. Conversely, the TSA\nHQ COOP Plan may contain nonessential functions, causing the plan to be\ncumbersome, costly, difficult to manage, and more likely to fail during an\nemergency situation.\n\nFurthermore, TSA or its program offices have not identified and documented the\nresources necessary to continue mission-essential functions under all\ncircumstances, such as mission critical data, equipment, information technology\nand telecommunications hardware, and office supplies. The TSA HQ COOP\nPlan does not identify resource requirements for the 138 mission-essential\nfunctions listed in the plan. Additionally, 15 of the 19 program offices we\ninterviewed did not maintain complete documentation detailing key emergency\npersonnel, emergency tasks, and operating procedures to support the office\xe2\x80\x99s\nmission-essential functions as required by FPC 65. Without adequate\ndocumentation maintained at the TSA program office level to support mission-\nessential functions, the execution of those functions could be entirely dependent\non the availability, knowledge, and personal experience of designated\nemergency personnel during an emergency situation.\n\nAlternate Operating Facilities\n\nFPC 65 and FEMA guidance require agencies\xe2\x80\x99 COOP plans to identify and\nprepare Alternate Operating Facilities (AOFs) with the capability to perform\ntheir mission-essential functions within 12 hours of COOP activation and to\nsustain these functions up to 30 days. As such, AOFs must be located far\n\n             Audit of TSA Continuity of Operations Program\n                                Page 8\n\x0cenough from vulnerable areas and provide support, infrastructure systems, and\nsecurity for the relocated employees.\n\nSince joining DHS in 2003, TSA has secured a number of interim AOFs to\ncontinue operations; however, the agency has never had permanent AOF\ncapabilities to support the TSA HQ COOP Plan. From March 2003 through\nNovember 2004, TSA collocated the AOF with another TSA installation, which\nwas inadequately sized to accommodate the COOP plan. The facility was\ndesignated for other purposes and TSA leased and occupied another facility,\ndespite unsuitable physical security, as a temporary measure until a suitable and\npermanent facility was identified, approved and modified to TSA needs. TSA\nterminated the lease and collocated the current AOF with another TSA\ninstallation in December 2005, and told the audit team in January 2006 that the\nfacility would be modified and ready for COOP activities by May 2006. As of\nMarch 2006, the AOF was not configured for purposes of TSA COOP activities\nbecause plans to rearrange the space to accommodate both COOP and current\nTSA occupant needs were still being developed. TSA advised that the AOF was\nat least nine months behind schedule.\n\nThe number of staff and leadership requesting a presence at the AOF, and lack\nof resources to procure a larger facility prohibited TSA from obtaining one\nlocation that could accommodate the entire staff. Consequently, TSA staff and\nleadership would report to different AOFs during some emergency situations.\nOur review concentrated on the emergency staff AOF since senior TSA\nleadership has been designated to report to a location operated by another\ngovernment agency.\n\nThe current AOF does not meet FPC 65 requirements and does not provide\nsufficient space and equipment to sustain TSA COOP activities under all\ncircumstances. Specifically, we learned:\n\n   \xe2\x80\xa2   At the time of our site visit in January 2006, the AOF size and\n       configuration could only accommodate 16% (30 of the 184) of the\n       emergency personnel identified in the HQ COOP Plan.\n   \xe2\x80\xa2   The AOF may not be sufficiently distant from vulnerable areas.\n   \xe2\x80\xa2   The site does not have reliable and adequate backup power to host\n       COOP activation. Although we were told that the site had a generator\n       and an uninterrupted power supply, the systems were not connected.\n   \xe2\x80\xa2   The building has only minimal physical security.\n\nTSA is configuring the new AOF, and planning for associated resources and\nequipment, despite the fact that the agency has yet to validate its mission-\nessential functions. At the time of our audit, TSA was planning for an AOF to\naccommodate 41 program offices and 184 emergency staff to conduct 138\n\n             Audit of TSA Continuity of Operations Program\n                                Page 9\n\x0cseparate mission-essential functions. Without a careful analysis of its mission-\nessential functions, TSA cannot effectively or accurately plan for the size, cost\nand associated resources for its AOF.\n\nDelegations of Authority and Orders of Succession\n\nUnder FPC 65, agencies are to pre-delegate authorities for making policy\ndeterminations and other decisions to ensure rapid response to any emergency\nsituation requiring COOP plan activation. Agencies must establish, implement,\nand maintain orders of succession to key positions to ensure an orderly, pre-\ndefined transition of leadership in the event leadership is debilitated or incapable\nof performing their legally authorized duties, roles, and responsibilities.\nAgencies must ensure that officials who may be expected to assume authorities\nin a COOP situation or be designated successors are trained and briefed annually\non their potential responsibilities.\n\nThe TSA HQ COOP Plan and the program office COOP plans do not have\ndelegations of authority and orders of succession compliant with FPC 65\nrequirements. The TSA HQ COOP Plan contained delegations of authority and\norders of successions that were out of date for more than one year and still did\nnot reflect changes in senior TSA leadership and the TSA organizational\nstructure that occurred throughout 2005. For example, both the orders of\nsuccession and delegations of authority refer to the Assistant Administrators for\nMaritime and Land Security and Aviation Operations; however, these positions\nno longer exist in the current TSA organization.\n\nDelegations of authority and orders of succession were missing or inaccurate for\n15 of the 19 TSA program offices we reviewed. In addition, TSA officials\nacknowledged that the agency has not consistently trained or briefed officials\nthat could be delegated authorities under emergency situations or be designated\nsuccessors, and had not conducted briefings since October 2004, despite the fact\nthat TSA leadership changed throughout 2005. Without clear and current\ndelegations of authority and orders of succession, TSA\xe2\x80\x99s ability to manage and\ndirect its mission-essential functions and operations during an emergency\nsituation is at risk.\n\nDevolution Planning\n\nTSA has not identified a devolution site or developed a devolution plan to\nensure continuation of the agency\xe2\x80\x99s mission-essential functions if TSA HQ or its\nAOFs were rendered unavailable. Devolution planning refers to preparation\nnecessary to transfer mission-essential functions of a department or agency to\nanother organizational element, such as a field office, should an organization\xe2\x80\x99s\nAOF or emergency relocation personnel be rendered unavailable or\n\n              Audit of TSA Continuity of Operations Program\n                                 Page 10\n\x0cincapacitated. FPC 65 requires that agencies conduct devolution planning to\nidentify how the agency will continue its mission-essential functions during\nincreased threat situations or in the aftermath of a catastrophic emergency\nsituation. Although TSA has an existing field structure in place at 5 Mission\nSupport Centers and over 400 airports located across the United States, TSA has\nnot performed required devolution planning. Without a devolution site or plan,\nthere is no assurance that TSA would be able to continue operations if an\nemergency situation rendered TSA\xe2\x80\x99s HQ or the AOFs unavailable or\nincapacitated.\n\nVital Records Program\n\nFPC 65 requires agencies to identify, protect, and make readily available vital\nrecords and databases to support mission-essential functions during COOP\nemergencies. The protection and availability of electronic and hardcopy\ndocuments, references, records, and information systems are needed to support\nmission-essential functions under a variety of emergency situations. To the\nextent possible, agencies should pre-position and regularly update duplicate\nrecords or backup electronic files. There are two types of vital records:\n\n   \xe2\x80\xa2   Emergency Operating Records: Emergency plans and directives; orders\n       of succession; delegations of authority; staffing assignments; and related\n       records of a policy or procedural nature that provide agency staff with\n       guidance and information resources necessary for conducting operations\n       during an emergency situation, and for resuming formal operations at its\n       conclusion.\n\n   \xe2\x80\xa2   Legal and Financial Records: Records that are critical to carrying out an\n       organization\xe2\x80\x99s essential legal and financial functions and activities, and\n       protect the legal and financial rights of individuals directly affected by\n       its activities.\n\nBy issuing Management Directive 200.9, Vital Records Program, TSA\nestablished policy and procedures for the identification, preparation, and\ninventory of vital records to ensure that needed records are available during\nCOOP emergencies. However, the directive was not issued until August 29,\n2005. Under this directive, TSA program offices are charged with identifying,\nsafeguarding, and updating office vital records; and ensuring that these records\nare easily retrievable to support the continuity of their mission-essential\nfunctions during COOP emergencies.\n\nThe TSA HQ COOP Plan does not address an agency-wide vital records\nprogram to support COOP operations, although officials indicated that specific\ninstructions for the storage of electronic and paper emergency operating records\n\n              Audit of TSA Continuity of Operations Program\n                                 Page 11\n\x0c                          were issued separately. Despite this, TSA officials were unaware of the extent\n                          to which TSA program offices have complied with TSA policy for its vital\n                          records program. Interviews with Office Emergency Coordinators from 19\n                          TSA organizational elements indicated that none of the offices established a\n                          formal vital records program in accordance with FPC 65 and TSA Management\n                          Directive 200.9. These Emergency Coordinators do not maintain complete\n                          documentation for their emergency operating vital records and procedures for\n                          implementing, safeguarding and updating the records.\n\n                          Interoperable Communications\n\n                          Under FPC 65, agencies are required to establish interoperable communications\n                          that provide the capability to perform mission-essential functions until normal\n                          operations can be resumed. Specifically, agencies are required to ensure the\n                          availability of redundant and interoperable communication systems that support\n                          the ability to communicate with employees, agency leadership, and other\n                          elements and locations during an emergency situation. Also, agencies must\n                          ensure the backup of critical applications are available to provide access to data,\n                          systems, and services necessary to support mission-essential functions.\n\n                          The Office of Management and Budget Circular A-130, Management of Federal\n                          Information Resources and the National Institute of Standards and Technology\n                          Special Publication 800-34, Contingency Planning Guide for Information\n                          Technology Systems, discuss the need for disaster recovery plans in the event an\n                          emergency situation leads to information technology (IT) system failure. The\n                          TSA COOP Program Manager explained that COOP IT readiness is his\n                          responsibility with support from the TSA Office of Chief Information Officer\n                          (OCIO).\n\n                          TSA has only partially established interoperable and redundant communications\n                          and systems available to support communication with employees, agency\n                          leadership, and other elements and locations during an emergency. TSA\n                          officials advised that TSA provides multiple modes of communication at its\n                          AOFs including:\n\n                              \xe2\x80\xa2   Dedicated TSA data connectivity to all critical applications housed at the\n                                  TSA hosting center; 10\n                              \xe2\x80\xa2   Dedicated land-line voice communication based at different locations on\n                                  the Public Switched Telephone Network (PSTN); 11 and\n\n10\n   This facility is located outside the Washington, D.C. area.\n11\n   The PSTN (public switched telephone network) is the world's collection of interconnected voice-oriented public\ntelephone networks, both commercial and government-owned. The PSTN also furnishes much of the Internet's long-\ndistance infrastructure.\n\n                                          Audit of TSA Continuity of Operations Program\n                                                             Page 12\n\x0c                                \xe2\x80\xa2   Commercial systems such as the Internet, cellular telephones, and\n                                    dedicated voice lines to communicate with its non-emergency workforce.\n\n                           Although emergency planning assumes that the PSTN will be available during\n                           an emergency, TSA officials agreed that even though the system has improved\n                           since 9/11, the PSTN is vulnerable to penetration or disruption. In addition,\n                           TSA officials also acknowledged that dedicated data connectivity to critical\n                           systems and applications is also vulnerable as these systems represent \xe2\x80\x9csingle\n                           points of failure.\xe2\x80\x9d TSA does not have adequate backup of critical applications\n                           needed to provide access to data, systems, and services necessary to support\n                           mission-essential functions. Specifically, the OCIO does not have a fully\n                           functional backup facility to restore critical applications.\n\n                           In addition, the OCIO has not prioritized its list of mission critical\n                           applications; 12 thus, TSA has not identified which of its critical systems would\n                           be restored or the restoration order. If a disaster rendered the data centers\n                           inoperable, TSA would use its IT contractor facility in suburban Virginia to\n                           provide a limited backup capability to recover systems. The OCIO may not be\n                           able to fully recover from a disaster because the contractor facility likely cannot\n                           replicate the off-site center, and therefore, may not be able to restore all critical\n                           systems. OCIO staff acknowledged it could take more than a week to obtain\n                           this limited capability and that TSA has not tested this facility for\n                           responsiveness in emergency situations.\n\n                           TSA does not have formalized disaster recovery plans for its IT systems. TSA\n                           recently awarded a bridge contract to develop disaster recovery plans for OCIO\n                           systems. However, this bridge contract does not include reviewing the\n                           requirements of those IT systems not under the control of the OCIO.\n                           Additionally, TSA has not approved the estimated $40 million needed to\n                           implement a disaster recovery capability. The lack of disaster recovery plans\n                           was mentioned in TSA\xe2\x80\x99s 2004 after-action report on its participation in the\n                           government-wide COOP exercise Forward Challenge. Specifically:\n\n                                    \xe2\x80\x9c\xe2\x80\xa6the lack of disaster recovery plans for TSA headquarters IT systems,\n                                    the Transportation Security Operations Center (TSOC) IT systems...and\n                                    the Transportation Security Intelligence Service intelligence systems are\n                                    major vulnerabilities\xe2\x80\xa6and represent single points of failure for TSA\xe2\x80\xa6If\n                                    the TSOC is not able to communicate with the\xe2\x80\xa6hosting center for any\n                                    reason, it is effectively isolated.\xe2\x80\x9d\n\n\n\n12\n  The OCIO provided a list of 18 mission critical systems that are housed at either an off-site data center or an on-site data\ncenter. Some examples of the mission critical systems are the Alert Notification System, Law Enforcement Messaging\nSwitch, and TSANet.\n\n                                            Audit of TSA Continuity of Operations Program\n                                                               Page 13\n\x0c                         TSA officials agreed that COOP planning has not been a TSA priority, as\n                         evidenced by the lack of adequate funding for redundant and interoperable\n                         communications systems, backup of critical applications, and disaster recovery\n                         plans. They said that funding for these items has been repeatedly requested but\n                         not approved, because funding has generally been directed towards other, more\n                         current problems such as connectivity issues, not disaster recovery capabilities.\n                         Without redundant and interoperable communications systems, backup of\n                         critical applications, and disaster recovery plans, there may be a loss of access to\n                         many critical applications, and TSA may not be able to continue its mission-\n                         essential functions.\n\n                         Test, Training, and Exercise Program\n\n                         FPC 65 requires that agencies assess, demonstrate, and improve the ability to\n                         execute COOP plans and programs through a testing, training, and exercise\n                         (TT&E) program. Agencies must plan, conduct, and document periodic tests,\n                         training, and exercises to demonstrate COOP plan viability, identify\n                         deficiencies, and ensure personnel are able to implement COOP plans to carry\n                         out mission-essential functions. The circular also instructs agencies to develop a\n                         multi-year plan that addresses TT&E requirements and resources to support\n                         these activities.\n\n                         While TSA participated in several internal and government-wide COOP\n                         exercises, the TSA has not fully developed a test, training and exercise program\n                         to validate, or identify for subsequent correction, specific aspects of COOP\n                         capabilities, procedures, systems and facilities used in response to emergency\n                         situations.\n\n                              \xe2\x80\xa2   TSA officials indicated that tests of COOP procedures and systems have\n                                  occurred during nationwide COOP exercises and associated with events\n                                  such as the 2005 Presidential Inauguration and the 2006 State of the\n                                  Union Address. However, officials also acknowledged that the system\n                                  has not been tested at least quarterly, as required by FPC 65. The TSA\n                                  COOP Program Manager explained that TSA planned to use an\n                                  automated alert and notification system, 13 but the contact information in\n                                  the system is extremely outdated, thereby reducing the utility of the tests.\n\n                              \xe2\x80\xa2   TSA has not implemented action plans to correct deficiencies identified\n                                  during previous COOP exercises and updated the TSA HQ COOP Plan.\n                                  While program office personnel reported numerous problems\n                                  experienced during a June 2005 COOP exercise, such as inability to\n13\n  The alert and notification system automatically calls and e-mails TSA senior management and emergency coordinators\nduring an emergency. A recorded message would provide details on the COOP situation including whether to deploy to the\nAOF.\n\n                                         Audit of TSA Continuity of Operations Program\n                                                            Page 14\n\x0c       access important files, inability to access e-mail, limited external\n       communications, and lack of office equipment and computer hardware,\n       TSA has not developed or implemented plans to correct those\n       deficiencies. TSA officials advised that, despite the lack of a written\n       corrective action plan, many COOP deficiencies noted during COOP\n       exercises in 2004 and 2005 have been addressed by the agency.\n\n   \xe2\x80\xa2   TSA has not ensured that agency personnel are trained to implement\n       COOP plans and carry out mission-essential functions in a COOP\n       situation. Sixteen of the 19 Office Emergency Coordinators we\n       interviewed said that they did not receive formal COOP training for their\n       position, despite the fact that FEMA provides numerous no-cost COOP\n       training opportunities both in a classroom setting and on-line.\n       Additionally, TSA does not have adequate assurance that COOP\n       awareness training, orientation or briefings are provided to its entire\n       workforce, as required by FPC 65. The TSA officials said that COOP\n       training was left up to each program office because the TSA COOP staff\n       does not have the resources to train personnel. TSA officials indicated\n       that the agency has established a TSA-intranet website on emergency\n       preparedness available to all employees, as well as a COOP information\n       pamphlet provided to all OECs for distribution to the workforce.\n       However, TSA officials also indicated they do not know whether COOP\n       training or orientations are actually being provided, or to what extent\n       employees have accessed the intranet site or received the COOP\n       pamphlet.\n\n   \xe2\x80\xa2   TSA has not prepared a multi-year TT&E plan that addresses COOP\n       TT&E requirements, resources to support TT&E activities, and a TT&E\n       planning calendar.\n\nAn effective TT&E program is important to improve the ability of agencies to\neffectively manage and execute their COOP program. Without an effective\nTT&E program in place, TSA has no assurance that its COOP program is\ncapable of supporting the continued execution of the agency\xe2\x80\x99s mission-essential\nfunctions during a COOP situation.\n\nReconstitution\n\nFPC 65 requires agencies to provide an executable reconstitution plan to\ntransition from COOP status to an efficient normal operations status once the\nthreat or disruption has passed. Agencies must coordinate and pre-plan options\nfor reconstitution from all levels of disruption and outline procedures for a\nsmooth transition from a relocation site to the new or restored HQ facility. As\nreconstitution is implemented, agencies must inform and instruct all personnel\n\n\n             Audit of TSA Continuity of Operations Program\n                                Page 15\n\x0cfor resumption of normal operations and supervise the orderly return to the\nprimary location. Agencies are required to verify that all systems,\ncommunications, and other required capabilities are available and operational\nand the agency is fully capable of accomplishing all mission-essential functions\nat the new facility. The agency must conduct an after-action review to identify\nareas for correction and develop a remedial action plan.\n\nThe TSA HQ COOP Plan does not provide options for reconstitution from all\nlevels of disruptions and the movement from the COOP AOF or devolution site\nto the original facility or new operating site. Instead, the plan identifies limited\nactions that the Facilities Recovery Team would take that would result in\nrecommendations for recovery and reconstitution strategy. The plan mentions\nthat a separate Reconstitution Team will be established when TSA facilities\nhave sustained severe damage or TSA staff has suffered substantial casualties.\nThe TSA COOP Program Manager explained that during a national security\nemergency, TSA would rely on direction from the White House for all other\nreconstitution planning. We understand that a catastrophe of significant\nmagnitude would require special guidance and attention; however, TSA has not\nprovided emergency personnel with sufficient information to ensure a smooth\ntransition from a COOP situation to resume normal operations. Based on the\nlimited information in the TSA HQ COOP Plan, reconstitution may pose\nsignificant challenges during a COOP event and delay the return to normal\noperations.\n\nHuman Capital\n\nThe TSA HQ COOP Plan does not include the required procedures and guidance\non human resource issues related to continued operations. FPC 65 requires each\nagency to design, update, and carry out comprehensive plans to respond to the\nthreats that its employees are most likely to face during an emergency situation.\nAgencies should be familiar with the many human capital resources and\nflexibilities that exist to assist managers and employees in an emergency\nsituation. Agencies need to address human capital topics in their COOP plans\nsuch as:\n\n   \xe2\x80\xa2   Dismissal and closing procedures;\n   \xe2\x80\xa2   Plans and methods for communicating with employees;\n   \xe2\x80\xa2   Pay and staffing flexibilities;\n   \xe2\x80\xa2   Employee recall procedures; and\n   \xe2\x80\xa2   Employee roles and responsibilities.\n\nFPC 65 also requires that agencies ensure COOP capabilities take maximum\nadvantage of existing agency field infrastructures and give consideration to other\noptions, such as telecommuting locations, work-at-home, virtual offices, and\n\n              Audit of TSA Continuity of Operations Program\n                                 Page 16\n\x0c                             joint or shared facilities. DHS Management Directive 3070.2, Telework\n                             Directive, 14 states that telework can be used as an integral part of DHS COOP\n                             plans to ensure that DHS operates smoothly in times of emergency situations,\n                             disasters, or inclement weather. According to the Office of Personnel\n                             Management, telework is \xe2\x80\x9can invaluable management tool which not only\n                             allows employees greater flexibility to balance their personal and professional\n                             duties, but also allows both management and employees to cope with the\n                             uncertainties of potential disruptions in the workplace, including terrorist\n                             threats.\xe2\x80\x9d GAO and the Congress have also indicated that the ability to telework\n                             has been, and will continue to be, very important in times of emergency\n                             situations.\n\n                             The TSA HQ COOP Plan does not include the human factors that need to be\n                             considered during a crisis, such as expected roles and responsibilities, staffing,\n                             pay, and notification protocols. Instead, the plan indicates that detailed\n                             administrative and personnel services support procedures for deployed TSA\n                             staff during an emergency situation will be provided at an unspecified \xe2\x80\x9clater\n                             date.\xe2\x80\x9d\n\n                             Similarly, TSA has not addressed telework as an emergency strategy in its\n                             COOP plan and program. TSA advised that the agency did not have a telework\n                             policy in place prior to February 2006. In addition, TSA indicated that the\n                             agency conducted a pilot project for using telework as a COOP strategy, but\n                             found that the IT infrastructure needed to support telework under COOP\n                             conditions was inadequate and, therefore, cancelled the project.\n\n                             Without human capital information in its COOP plan and program, TSA staff\n                             may not receive the information necessary to know what to do under many\n                             emergency situations. Additionally, without implementing a telework program\n                             to support its COOP program, TSA is missing an opportunity to extend the\n                             survivability of its mission-essential operations if TSA HQ and AOF locations\n                             are rendered inoperable or inaccessible during a catastrophic event.\n\n                             Plans and Procedures\n\n                             As previously discussed, FPC 65 requires that agencies develop a\n                             comprehensive COOP plan to ensure the continued performance of an\n                             organization\xe2\x80\x99s mission-essential functions under all circumstances and include\n                             elements that define a viable COOP. In addition, agencies are required to\n                             develop plans and procedures for three phases of COOP implementation:\n                             activation and relocation; AOF operations; and reconstitution. The TSA HQ\n                             COOP Plan includes:\n\n14\n     Dated August 17, 2005\n\n                                           Audit of TSA Continuity of Operations Program\n                                                              Page 17\n\x0c                              \xe2\x80\xa2    Plans for activation, such as check-in procedures for emergency\n                                   personnel;\n                              \xe2\x80\xa2    Plans for fly-away kits 15 for emergency personnel; and\n                              \xe2\x80\xa2    Alert and notification procedures.\n\n                          However, the TSA HQ COOP Plan, as described in the previous sections, is not\n                          comprehensive and does not adequately address all 11 elements of a viable\n                          COOP. The COOP plan has not been reviewed annually or approved by senior\n                          TSA officials, as required by FPC 65.\n\n\n        TSA COOP Priority and Oversight\n                          According to FPC 65, each federal executive branch agency is responsible for\n                          appointing a senior federal government executive to serve as program manager\n                          and agency point of contact for agency COOP activities, and to ensure that there\n                          is adequate planning, programming, and budgeting for a viable and executable\n                          COOP program that adheres to FPC 65. The TSA HQ COOP Plan designates\n                          the TSA COOP Program Manager responsible for the coordination,\n                          development, execution, and maintenance of the COOP plan and program.\n\n                          Additionally, FPC 65 requires that each agency\xe2\x80\x99s COOP plan must include the\n                          development, maintenance, and annual review of the COOP capabilities using a\n                          multi-year strategy and program management plan. The multi-year strategy and\n                          program management plan should outline the process an agency will follow to\n                          designate and review mission-essential functions and resources; define short and\n                          long-term COOP goals and objectives; forecast COOP budgetary requirements;\n                          and identify COOP program issues, concerns, potential obstacles, and the\n                          strategy for addressing these obstacles.\n\n                          COOP planning has not been a priority for TSA nor have adequate resources\n                          been available for COOP planning. Both have contributed to the numerous\n                          deficiencies discussed in this report. TSA officials stated that the main reason\n                          for COOP deficiencies was the lack of funding and personnel resources\n                          provided to the program. As we were concluding our audit fieldwork in\n                          February 2006, approximately $4.2 million was reprogrammed to the TSA\n                          COOP program, primarily to cover costs associated with modifying and\n                          outfitting the agency\xe2\x80\x99s AOFs used to support COOP activation. However, from\n\n15\n  Fly-away kits are kits prepared by, and for, an individual who expects to deploy to an alternate location during an\nemergency. They contain work-related and personal items needed to minimally satisfy personal and professional needs\nduring deployment.\n\n\n                                          Audit of TSA Continuity of Operations Program\n                                                             Page 18\n\x0c                           FY 2003 through FY 2005, TSA had provided only $830,000 total in reallocated\n                           funds, 16 although TSA COOP management requested $6 million to $8.75\n                           million annually for the COOP program. Funds were requested for additional\n                           staff, telecommunications and IT equipment, emergency office supplies, and\n                           AOF renovation. In addition, OCIO officials said that approximately $40\n                           million was requested to address deficiencies in information technology disaster\n                           recovery planning and has not been approved by TSA.\n\n                           As stated in a TSA draft acquisition plan prepared in 2005, \xe2\x80\x9c\xe2\x80\xa6 the (TSA\n                           COOP) program remains unfunded, and, therefore, has been slow to progress\n                           beyond the initial stage. Through the reprogramming of operational funds, a\n                           minimum level of capability has been achieved, but is not sustainable. \xe2\x80\xa6[and\n                           consequently] TSA would be out of compliance with White House and DHS\n                           directives concerning COOP requirements. TSA would be vulnerable to\n                           disruption of its missions-essential functions.\xe2\x80\x9d\n\n                           Additionally, the TSA COOP Program Manager explained he also had many\n                           staffing challenges since assuming this role in July 2002. The COOP Program\n                           Manager worked on the program by himself for over a year, and during that\n                           time, he indicated that only 30 to 50 percent of his time was allocated to the\n                           TSA COOP program because he was assigned to other duties. Furthermore, the\n                           COOP Program Manager said that TSA was unable to maintain a trained COOP\n                           staff until September 2004. Since then, the COOP Program Manager has\n                           maintained a staff of four trained employees with assistance from between one\n                           and four additional staff members over time.\n\n                           We concluded that TSA has not provided effective oversight of the TSA COOP\n                           Program. As previously discussed, TSA has not adequately reviewed and\n                           confirmed the program office mission-essential functions, reviewed office-level\n                           COOP plans, or prepared a multi-year strategy and program management plan to\n                           guide the COOP program. Additionally, major sections of the TSA HQ COOP\n                           Plan are incomplete or missing and/or not in compliance with FPC 65\n                           requirements. The HQ COOP Plan has not been updated to reflect\n                           organizational and mission-essential function changes and lists incorrect contact\n                           information for 5 of the 19 offices we interviewed. In addition, TSA has not\n                           adequately integrated its field operations into its COOP program. For example:\n\n                                \xe2\x80\xa2   TSA has collected COOP plans from only 85 of the 449 federalized\n                                    airports, including only 9 of the 27 category X airports. 17 None of the 85\n\n16\n   The following funds were reprogrammed to the COOP program from FY 2003 through FY 2005: FY 2003-$230,000;\nFY 2004-$350,000; and FY 2005-$250,000.\n17\n   TSA classifies commercial airports in the United States into one of five security risk categories (X, I, II, III, and IV)\nbased on various factors, such as the total number of takeoffs and landings annually, and other security considerations. In\ngeneral, category X airports have the largest number of passenger boarding and category IV have the smallest.\n\n                                            Audit of TSA Continuity of Operations Program\n                                                               Page 19\n\x0c                   plans collected have been reviewed by TSA COOP staff to ensure that\n                   the plans are compliant with FPC 65 requirements, consistent, or address\n                   agency emergency planning needs.\n             \xe2\x80\xa2     TSA could not identify the correct COOP contact information for the\n                   four airports reviewed and contacted for this audit.\n             \xe2\x80\xa2     TSA has not determined how the five Mission Support Centers would fit\n                   into COOP planning, and as such, the entities are not incorporated in the\n                   TSA HQ COOP Plan.\n\n     Recommendations\n          We recommend that the Assistant Secretary of the TSA take appropriate steps\n          to:\n\n                 1. Ensure that the TSA Office of Emergency Preparedness provides\n                    sufficient direction and oversight that will enable the agency to develop\n                    and maintain a comprehensive and effective COOP plan and program,\n                    compliant with all FPC 65 requirements;\n\n                 2. Ensure that TSA program offices fulfill their assigned responsibilities\n                    under the TSA HQ COOP plan and provide the support necessary for\n                    TSA to implement a viable COOP plan and program.\n\n                 3. Provide the resources necessary to implement a viable COOP program,\n                    in order to continue operations under any emergency situation.\n\n\nManagement Comments and OIG Analysis:\n\n          Management Comments to Recommendation #1\n\n          TSA concurred with our recommendation and stated that making COOP\n          planning a priority for its leadership is central to a viable COOP capability.\n          TSA noted that the Assistant Secretary\xe2\x80\x99s personal interest in the COOP program\n          demonstrates the highest level of oversight. TSA indicated that the COOP\n          program is now being managed by the Office of Law Enforcement (OLE),\n          Emergency Preparedness Division, and that their leadership is reaching out\n          across TSA management to build COOP awareness and support. With this\n          reorganization, TSA believes that it has improved the accountability, oversight\n          and visibility of the COOP program. TSA also provided examples of how the\n          agency has made significant progress in addressing the deficiencies in the\n          required elements of a viable COOP since the end of our fieldwork. TSA also\n\n\n\n                         Audit of TSA Continuity of Operations Program\n                                            Page 20\n\x0cintends to use the eleven program elements as a benchmark to measure progress\nand evaluate COOP capacity and performance.\n\nManagement Comments to Recommendation #2\n\nTSA concurred with our recommendation. In response to our draft report, TSA\nstated that the agency recently completed an internal reorganization and\nreassignments of responsibility aligning senior management officials for each\nprogram office. TSA indicated that new Office Emergency Coordinators have\nbeen assigned and COOP program management is developing a comprehensive\nstrategy for ensuring office compliance and readiness. This strategy will include\nself-audits, unannounced audits by COOP program officers, readiness\nchecklists, and ongoing awareness initiatives. Finally, OLE management will\nengage with program office senior management officials to ensure that office-\nlevel and field planning efforts are complete, accurate and viable.\n\nManagement Comments to Recommendation #3\n\nTSA concurred with our recommendation. The agency, in its response to the\ndraft report, stated that $10 million in FY 2006 funds were allocated to the\nCOOP program to support the design and build-out of two AOFs and procure\nemergency equipment. TSA also indicated that funding will also be used to\nobtain contractor support for developing COOP documentation.\n\nOIG Comments and Analysis\n\nWe consider Recommendations #1, #2, and #3 resolved but will remain open\nuntil implementation is complete. We agree that TSA has been responsive to\nour draft report and has taken significant steps to building a strong, viable\nCOOP capability. TSA provided additional resources and reorganized the\nCOOP management structure to raise the visibility and priority of the program.\nTSA noted that the agency recently reexamined its mission-essential functions\nand a task force would be formed to identify a strategy to analyze, validate and\nprioritize the results. TSA is also in the process of developing a five-year TT&E\nplan. However, TSA still needs to make progress in addressing other\ndeficiencies in its COOP plan and program that we identified during our audit,\nmany of which were not specifically addressed in TSA\xe2\x80\x99s response, such as the\nintegration of its field structure into COOP planning, out of date orders of\nsuccession and delegations of authority, inadequate interoperable\ncommunications, lack of a reconstitution plan and the lack of compliance by\nTSA offices with vital records program requirements. Although TSA has made\nadditional resources available to the COOP program, TSA did not specifically\nstate its plans to provide adequate resources to address deficiencies in disaster\nrecovery capabilities for the agency\xe2\x80\x99s IT systems.\n\n             Audit of TSA Continuity of Operations Program\n                                Page 21\n\x0c                          We will consider the recommendations closed when TSA reports back to us on\n                          the completion of its planned actions to address all deficiencies identified in this\n                          report.\n\n                          A copy of TSA\xe2\x80\x99s entire response is included as Appendix B.\n\n\n\n                 DHS COOP Oversight\n                          DHS has provided only limited oversight of TSA COOP activities. Specifically,\n                          DHS has not assessed the extent to which TSA, as well as other DHS\n                          components, are maintaining a COOP plan and program that is current, contains\n                          all required information as outlined in FPC 65, and ensures the continuation of\n                          TSA mission-essential functions under a variety of emergencies. While FEMA\n                          acknowledges that it is the \xe2\x80\x9clead agent\xe2\x80\x9d for COOP activities across the federal\n                          executive branch, and has primary responsibility within DHS for the\n                          development and execution of the Department\xe2\x80\x99s COOP program, the agency\n                          does not believe that it has been formally assigned the authority, nor does it have\n                          the resources to assess DHS component COOP programs, plans, and\n                          capabilities.\n\n                          FEMA was established as the \xe2\x80\x9clead agent\xe2\x80\x9d for federal executive branch COOP\n                          under Presidential Decision Directive 67 (PDD 67). 18 This effort is led by\n                          FEMA\xe2\x80\x99s Office of National Security Coordination (ONSC). Under PDD 67,\n                          FEMA is designated as the chair of an Interagency Advisory Group charged\n                          with providing coordination, oversight, and management for COOP activities.\n\n                          According to Executive Order 12656 (EO 12656), 19 FEMA shall coordinate and\n                          support the initiation, development, and implementation of national security\n                          emergency preparedness programs and plans among Federal departments and\n                          agencies; and provide the President a periodic assessment of Federal, State, and\n                          local capabilities to respond to national security emergencies. EO 13286\n                          transferred these responsibilities to the Secretary of Homeland Security. 20 In\n                          March 2004, DHS Delegation Number 9001 assigned the authorities to the\n                          Under Secretary for Emergency Preparedness and Response. The June 2004\n18\n   PDD 67, \xe2\x80\x9cEnduring Constitutional Government and Continuity of Government Operations,\xe2\x80\x9d October 21, 1998. FEMA\nprovided the OIG team only with unclassified excerpts of the document relevant to federal agency COOP responsibilities\nand FEMA\xe2\x80\x99s role government-wide. PDD 67 is a national security classified document under the control of the National\nSecurity Council.\n19\n   Executive Order 12656, \xe2\x80\x9cAssignment of Emergency Preparedness Responsibilities,\xe2\x80\x9d November 11, 1988, Section 1701,\nas amended.\n20\n   Executive Order 13286, \xe2\x80\x9cAmendment of Executive Orders, and Other Actions, in Connection With the Transfer of\nCertain Functions to the Secretary of Homeland Security,\xe2\x80\x9d February 28, 2003, Section 42.\n\n                                          Audit of TSA Continuity of Operations Program\n                                                             Page 22\n\x0c                         revision of FPC 65 requires FEMA to \xe2\x80\x9coversee and assess the status of COOP\n                         capabilities\xe2\x80\x9d government-wide.\n\n                         ONSC also serves as DHS\xe2\x80\x99 lead agent for COOP activities with the Department.\n                         Under authority established by DHS Management Directive 9300.1, 21 a DHS\n                         COOP Working Group was formed \xe2\x80\x9cto provide oversight and direction to the\n                         DHS COOP program.\xe2\x80\x9d FEMA co-chairs this working group with the Office of\n                         the Chief of Staff. We noted that this Directive does not reflect the recent\n                         reorganization of DHS. When the Directive was issued in 2004, FEMA reported\n                         to the Under Secretary for Emergency Preparedness and Response, which was\n                         given overall responsibility for the development and execution of the DHS-wide\n                         COOP program. According to FEMA officials, this responsibility was delegated\n                         to FEMA\xe2\x80\x99s ONSC. As a result of a recent reorganization, FEMA now reports\n                         directly to the DHS Deputy Secretary. Nevertheless, FEMA indicated that DHS\n                         COOP responsibilities currently remain with ONSC and that they would be\n                         proposing changes to the now out-of-date Directive.\n\n                         GAO also attributes a significant COOP oversight responsibility to FEMA. In\n                         consecutive reports issued in 2004 and 2005, GAO reported that the lack of\n                         compliance with FPC 65 requirements by federal executive branch departments\n                         and agencies could be attributed, in part, to FEMA\xe2\x80\x99s limited oversight of COOP\n                         planning government-wide. 22 GAO noted that FEMA had not conducted\n                         oversight that is \xe2\x80\x9csufficiently regular and extensive to ensure that agencies\n                         correct deficiencies\xe2\x80\x9d in COOP plans and programs. GAO noted that improved\n                         FEMA oversight of COOP activities could be instrumental in ensuring that\n                         agencies prepare adequate COOP plans.\n\n                         ONSC, however, does not believe that guidance provides them with the\n                         authority and responsibility to ensure that agencies, both within DHS and\n                         government-wide, are maintaining viable COOP plans, programs and\n                         capabilities. ONSC officials contend that their role is limited to providing\n                         coordination, guidance, advice, and support, but that they do not have the\n                         regulatory authority to conduct in-depth assessments of individual agency\n                         COOPs, nor the authority to direct agencies to establish and maintain a viable\n                         COOP capability.\n\n                         Within DHS, FEMA officials pointed out that oversight responsibilities for\n                         COOP activities are vested in the DHS COOP Working Group, which they co-\n                         chair. However, they agreed that the Working Group has not, nor does it intend\n\n21\n   DHS Management Directive 9300.1, \xe2\x80\x9cContinuity of Operations Programs and Continuity of Government Functions,\xe2\x80\x9d\nJuly 12, 2004.\n22\n   \xe2\x80\x9cContinuity of Operations: Improved Planning Needed to Ensure Delivery of Essential Services,\xe2\x80\x9d GAO-04-160,\nFebruary 2004. \xe2\x80\x9cContinuity of Operations: Agency Plans Have Improved, But Better Oversight Could Assist Agencies in\nPreparing for Emergencies,\xe2\x80\x9d GAO-05-577, April 2005.\n\n                                        Audit of TSA Continuity of Operations Program\n                                                           Page 23\n\x0c                         to, conduct in-depth assessments of DHS component COOP plans and programs.\n                         FEMA officials further stated that ONSC may be the most appropriate office to\n                         provide additional oversight and to conduct assessments of COOP plans and\n                         programs. However, FEMA contends that currently they do not have the\n                         authority or resources to fulfill such a role.\n\n                         While FEMA officials agreed with us that DHS COOP oversight was inadequate\n                         and required improvements, the agency believes that limited oversight is\n                         provided through annual FEMA-coordinated government-wide COOP exercises,\n                         such as Forward Challenge 2004 and Pinnacle 2005. FEMA stated that they\n                         assumed that agencies, including TSA, have viable COOP capabilities due to\n                         their successful participation in these government-wide COOP exercises.\n                         Additionally, FEMA is working on a COOP reporting and oversight tool, the\n                         Readiness Reporting System, 23 which will require departments and agencies\n                         government-wide to answer a series of questions to determine and report their\n                         readiness posture. However, FEMA acknowledged that it has not yet addressed\n                         GAO concerns on how the agency plans to validate agencies\xe2\x80\x99 self-reported\n                         information on COOP capabilities.\n\n                 Recommendations\n                          We recommend the Under Secretary for Federal Emergency Management\n                          ensure that DHS Management Directive 9300.1 is revised to reflect the current\n                          DHS organization. The Directive should clearly assign and delineate COOP\n                          oversight responsibilities and authority to ensure that all DHS components have\n                          a viable COOP program in full compliance with FPC 65 that is capable of\n                          ensuring continuation of all essential functions under all COOP situations.\n\n\n        Management Comments and OIG Analysis:\n\n                         Management Comments to Recommendation\n\n                         FEMA generally agreed with the overall finding that DHS has provided only\n                         limited oversight of TSA COOP activities, and concurred with our\n                         recommendation to revise MD 9300.1 to clearly assign and delineate COOP\n                         oversight responsibilities and authority to ensure that all DHS components have\n                         a viable COOP program in full compliance with FPC 65. The agency stated that\n                         they believe that revisions to MD 9300.1 need to include some form of\n                         accountability which FEMA can enforce, and where agencies can ensure their\n                         national security commitments. While FEMA generally agreed that they\n23\n  The Readiness Reporting System was initially scheduled to be operational by October 2005; however, FEMA officials\nadvised that the system would now be ready by October 2006.\n\n                                         Audit of TSA Continuity of Operations Program\n                                                            Page 24\n\x0cprovide only limited oversight of TSA (and other agency) COOP activities, the\nagency stated that they do not have the authority to serve as a regulatory agent\nresponsible for ensuring that departments and agencies are prepared for COOP.\nFEMA contends they have provided significant oversight to many agencies\nincluding the TSA, by collecting agency COOP readiness status reports.\nThrough their co-chairing of the DHS COOP Working Group, the agency\npromotes the development, coordination, and integration of COOP planning and\nprograms throughout DHS. FEMA also stated that the agency has provided\nextensive and comprehensive COOP training to various departments and\nagencies during the past two years on revisions to FPC 65.\n\nOIG Comments and Analysis\n\nOur draft report noted that FEMA does not believe that it has been formally\nassigned the authority, nor does it have the resources, to assess DHS component\nCOOP programs, plans, and capabilities. We agree that FEMA is an active\nmember of the DHS Working Group, has provided numerous COOP training\nopportunities, and has coordinated government-wide COOP exercises.\nHowever, we still contend that DHS has not provided the depth of oversight\nnecessary to determine the extent to which TSA, as well as other DHS\ncomponents, are maintaining a COOP plan and program that is current and\ncontains all required information as outlined in FPC 65. FEMA generally\nagreed with our recommendation that MD 9300.1 needs to be revised to clearly\nprovide the authority necessary to fulfill a more robust COOP oversight role in\nthe Department.\n\nWhile FEMA concurred with Recommendation #4, the agency did not tell us\nspecifically what actions it intends to take to resolve the recommendation.\nTherefore, we consider the recommendation unresolved and open. We will\nconsider the recommendation closed and resolved when DHS Management\nDirective 9300.1 is revised to reflect the current DHS organization and clearly\nassigns and delineates COOP oversight responsibilities and authority to ensure\nthat all DHS components have a viable COOP program in full compliance with\nFPC 65 that is capable of ensuring continuation of all essential functions under\nall COOP situations.\n\nA copy of FEMA\xe2\x80\x99s entire response is included as Appendix B.\n\n\n\n\n             Audit of TSA Continuity of Operations Program\n                                Page 25\n\x0cAppendix A\nPurpose, Scope and Methodology\n\n\n\n                  The objective of this audit was to determine whether TSA has a viable COOP\n                  capability, which ensures the performance of its mission-essential functions\n                  during any emergency situation that may disrupt normal operations.\n\n                  Specifically, the audit determined whether:\n\n                      \xe2\x80\xa2   TSA has a viable COOP capability and a COOP plan that meets\n                          government-wide requirements and guidance that define a viable\n                          COOP capability.\n\n                      \xe2\x80\xa2   TSA and DHS provide effective guidance and oversight over TSA\xe2\x80\x99s\n                          COOP Plan and Program.\n\n                  To determine whether the TSA has a viable HQ COOP plan that meets\n                  government-wide requirements, we obtained and reviewed applicable federal\n                  laws, directives, and regulations; the TSA HQ COOP Plan (dated August\n                  2005); TSA COOP budget documentation; exercise reports; and associated\n                  supporting documentation provided by the TSA COOP Program Manager, 19\n                  Office Emergency Coordinators; and 4 airport COOP coordinators. We\n                  compared the TSA HQ COOP Plan against the requirements of FPC 65 and\n                  other TSA, DHS, and government-wide COOP guidance. Additionally, we\n                  physically inspected two TSA AOFs in the Washington metropolitan area\n                  established for COOP activation.\n\n                  To obtain a thorough understanding of the TSA COOP program and oversight\n                  provided by TSA and DHS, we interviewed the TSA COOP Program\n                  Manager and his staff, 19 TSA Office Emergency Coordinators, COOP\n                  coordinators from 4 category X airports, and FEMA officials responsible for\n                  overseeing DHS COOP programs.\n\n                  Our audit was conducted at TSA HQ between November 2005 and March\n                  2006, in accordance with generally accepted government auditing standards\n                  and in compliance with the laws and regulations to the extent necessary to\n                  satisfy the audit objectives.\n\n\n\n\n                              Audit of TSA Continuity of Operations Program\n                                                 Page 26\n\x0cAppendix B\nManagement Comments to Draft Report\n\n\n\n\n                            Audit of TSA Continuity of Operations Program\n                                               Page 27\n\x0cAppendix B\nManagement Comments to Draft Report\n\n\n\n\n                            Audit of TSA Continuity of Operations Program\n                                               Page 28\n\x0cAppendix B\nManagement Comments to Draft Report\n\n\n\n\n                            Audit of TSA Continuity of Operations Program\n                                               Page 29\n\x0cAppendix B\nManagement Comments to Draft Report\n\n\n\n\n                            Audit of TSA Continuity of Operations Program\n                                               Page 30\n\x0cAppendix B\nManagement Comments to Draft Report\n\n\n\n\n                            Audit of TSA Continuity of Operations Program\n                                               Page 31\n\x0cAppendix B\nManagement Comments to Draft Report\n\n\n\n\n                            Audit of TSA Continuity of Operations Program\n                                               Page 32\n\x0cAppendix B\nManagement Comments to Draft Report\n\n\n\n\n                            Audit of TSA Continuity of Operations Program\n                                               Page 33\n\x0cAppendix B\nManagement Comments to Draft Report\n\n\n\n\n                            Audit of TSA Continuity of Operations Program\n                                               Page 34\n\x0cAppendix C\nKey Sources of Guidance for Federal COOP Planning\n\n\n\n                   1. Executive Order 12148, Federal Emergency Management, July 20,\n                      1979, as amended: Created the Federal Emergency Management Agency\n                      (FEMA) and vested in it authorities and responsibilities related to civil\n                      defense and emergency preparedness government-wide.\n\n                   2. Executive Order 12656, Assignment of Emergency Preparedness\n                      Responsibilities, November 18, 1988, as amended: Developed to ensure\n                      that the United States would have sufficient capabilities at all levels of\n                      government to meet essential defense and civilian needs during any\n                      national security emergency. Under this Order, national security\n                      preparedness responsibilities were assigned to the individual federal\n                      departments and agencies. E.O. 12656 requires that the Director of FEMA\n                      and the heads of departments and agencies must ensure that their\n                      preparedness plans and activities are consistent with current presidential\n                      guidelines and policies.\n\n                   3. Executive Order 13286, Amendment of Executive Orders, and Other\n                      Actions, in Connection With the Transfer of Certain Functions to the\n                      Secretary of Homeland Security, February 28, 2003: The order\n                      transfers authorities to the Secretary of Homeland Security in a variety of\n                      policy areas, including those preparedness responsibilities assigned to the\n                      Director of FEMA in E.O. 12656.\n\n                   4. Presidential Decision Directive 67, Enduring Constitutional\n                      Government and Continuity of Government Operations, October 21,\n                      1998: Addresses the survival of United States government processes and\n                      continuity of essential federal civilian functions in the event of a nuclear\n                      attack or other disaster. This directive requires all federal departments and\n                      agencies to develop formal COOP plans to ensure continuity of their\n                      essential operations.\n\n                   5. FPC 65, Federal Executive Branch Continuity of Operations, June 15,\n                      2004: The primary document that provides the requirements that define a\n                      viable COOP plan and program. FPC 65 was revised and reissued on June\n                      15, 2004, superseding three previous continuity preparedness circulars:\n                      FPC 65, Federal Executive Continuity of Operations (1999); FPC 66, Test,\n                      Training, and Exercise (TT&E) Program for COOP (2001); and FPC 67,\n                      Acquisition of Alternative Facilities for COOP (2001).\n\n\n\n\n                               Audit of TSA Continuity of Operations Program\n                                                  Page 35\n\x0cAppendix D\nMajor Contributors to this Report\n\n\n\n                    Philadelphia Audit Office\n\n                    Timothy J. Crowe, Director\n                    Mark S. Phillips, Auditor-in-Charge\n                    Patrick O\xe2\x80\x99Malley, Program Analyst\n                    Christine Haynes, Auditor\n                    Michael A. Talevi, Referencer\n\n\n\n\n                                Audit of TSA Continuity of Operations Program\n                                                   Page 36\n\x0cAppendix E\nReport Distribution\n\n\n             Department of Homeland Security\n\n             Secretary\n             Deputy Secretary\n             Chief of Staff\n             Deputy Chief of Staff\n             General Counsel\n             Executive Secretary\n             Chief Privacy Officer\n             Assistant Secretary, Transportation Security Administration\n             Director, Federal Emergency Management Agency\n             Assistant Secretary for Policy\n             Assistant Secretary for Public Affairs\n             Assistant Secretary for Legislative and Intergovernmental Affairs\n             Director, GAO/OIG Audit Liaison Office\n             DHS OIG Liaison, TSA\n\n\n             Office of Management and Budget\n\n             Chief, Homeland Security Branch\n             DHS OIG Budget Examiner\n\n\n             Congress\n\n             Congressional Oversight and Appropriations Committees, as appropriate\n\n\n\n\n                                 Audit of TSA Continuity of Operations Program\n                                                    Page 37\n\x0cAdditional Information and Copies\n\nTo obtain additional copies of this report, call the Office of Inspector General (OIG) at\n(202) 254-4100, fax your request to (202) 254-4285, or visit the OIG web site at\nwww.dhs.gov/oig.\n\n\nOIG Hotline\n\nTo report alleged fraud, waste, abuse or mismanagement, or any other kind of criminal\nor noncriminal misconduct relative to department programs or operations, call the\nOIG Hotline at 1-800-323-8603; write to DHS Office of Inspector General/MAIL\nSTOP 2600, Attention: Office of Investigations - Hotline, 245 Murray Drive, SW,\nBuilding 410, Washington, DC 20528, fax the complaint to (202) 254-4292; or email\nDHSOIGHOTLINE@dhs.gov. The OIG seeks to protect the identity of each writer\nand caller.\n\x0c"